![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 73%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGT%3C/text%3E%3C/svg%3E)
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
655 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 59%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
Hello @Ganesh Thorave , Thank you for reaching out.
If understand it correctly you have a FortiGate firewall and Jump Server (VM) deployed in a Vnet and you are unable to ping the jump server from your FortiGate CLI. Typically in such scenarios the issue is due to a NSG blocking ICMP traffic you can follow steps mentioned below to troubleshoot this issue. To validate this point you can also perform a TCP ping and see if it is blocked.
- Can you validate if a NSG at VM's NIC/Subnet level is not blocking any ICMP traffic? if it helps you can check out connection troubleshoot in Azure Network Watcher to help pin-point the issue to any specific NSG rule.
- You can also check whether your VM's OS firewall is not blocking ICMP traffic. For Windows OS you can run
New-NetFirewallRule –DisplayName "Allow ICMPv4-In" –Protocol ICMPv4command to enable ICMP traffic. - If possible, you can also perform a packet capture to help pin-point this issue.
Hope this helps! Please let me know if the issue still persists. Thank you!